X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=app%2Fconfig%2Fsecurity.yml;h=0748c06ce03d316c67e5237541718569d95caa9a;hb=refs%2Fpull%2F1856%2Fhead;hp=576cfd25d7f7d41094f6c64004bd0c1ca93b143e;hpb=16dabc326311f084d671be188c7941bbb3c341c9;p=github%2Fwallabag%2Fwallabag.git

diff --git a/app/config/security.yml b/app/config/security.yml
index 576cfd25..0748c06c 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -15,6 +15,11 @@ security:
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
+        # disables authentication for assets and the profiler, adapt it according to your needs
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
         oauth_token:
             pattern: ^/oauth/v2/token
             security: false
@@ -33,11 +38,11 @@ security:
             pattern: ^/
             form_login:
                 provider: fos_userbundle
-                csrf_provider: security.csrf.token_manager
+                csrf_token_generator: security.csrf.token_manager
 
             anonymous:    true
             remember_me:
-                key:      "%secret%"
+                secret:   "%secret%"
                 lifetime: 31536000
                 path:     /
                 domain:   ~
@@ -48,8 +53,11 @@ security:
 
     access_control:
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/settings, roles: ROLE_SUPER_ADMIN }
+        - { path: ^/annotations, roles: ROLE_USER }
         - { path: ^/, roles: ROLE_USER }